EH-Net

I just felt the urge to share the fact that I took and passed my Sec+ Exam today.  For those thinking about taking it, I can say that it's not to hard but don't underestimate it.   Now I need to line up my next course of action. I would like to get at least one more cert before I graduate in a couple months.  I'm thinking about starting on the Microsoft tests for MCSA.

Congratulations Laz3r.
Good effort and well done for passing, and all the best with the future training.

Congrats Laz3r!   I went the Microsoft route a long time ago.  I can tell you that the tests weren't too difficult, but they are definitely a pain.  Microsoft really wants you to think a certain way, and sometimes that's counter-productive.  Much of trick is just learning how to play ball by their rules :).   I would say go for the full MCSE, rather than MCSA.   I also believe they changed the names of the certs recently because they got into some trouble with the term "engineer" overseas. 

You can also think about going after CCNA, although that's not really my cup of tea.

Thanks guys.  If I go for the MCSA, I'll probably tack the E on a little afterwards.  From my understanding, It's just a couple tests more.  Everything for MCSA applies to MSCE.  As somebody who still has absolutely no work experience, and a short budget, I need to choice my certs carefully.  Try to avoid overlap (for now).  I have a few books for the server and XP tests (aswell as plenty of tinkering experience with them), and Sec+ will count towards MCSA.  Since I already have everything I need for those tests, I think this would be the most cost effective option at the moment.

I've been thinking Sec+ might be the right place to start for me, for my first security cert.

Curious what materials did you like, and which ones did you think were not worth the price when studying?

*edit: and of course being excited about picking someone's brain on learning materials, I forgot to to say congratulations.

Laz3r, I did the entire MCSE thing on my own.   I read the books and I practiced with Transcenders test simulations.  You can totally do this without going to any bootcamps. 

Congrats Laz3r,

good to see hard work pay off.

Congratulations, Laz3r. ;)

Congrats! :)

Yes, Sec+ counts as 1 of 4 required for MCSA. You'll need to pass a client exam (270 - XP Pro) and two administration exams (290/291, server and network services).

If you can afford it - or if you search the Internet, you can find PDF versions (of course, not that I endorse doing so ;) - I highly recommend the MS Press books. If you read them and actually do the tasks included you should have no problem passing the actual exams. Pay attention to the same questions and so forth too as you're highly likely to encounter very similar questions on the test.

And again, nice work on Sec+!

BillV

Congrats man.  I know I should probably take this down the road just for kicks.  How many questions and how much time is this exam these days?  I have a few books on the first version of this exam and don't know if I feel the need to buy any updated ones being that I am in the field.

Depending on the test the duration should last between 2 hours and 4 hours iiirc, questions between 45 and 90.

Thanks guys.  I didn't buy much study material.  I had a this old book (http://www.amazon.com/Security-Guide-Networking-Fundamentals/dp/0619215666/ref=sr_1_15?ie=UTF8&s=books&qid=1251655882&sr=8-15), and I picked up this review guide (http://www.amazon.com/CompTIA-Security-Review-Guide-SY0-201/dp/0470404841/ref=sr_1_12?ie=UTF8&s=books&qid=1251655882&sr=8-12) to bridge from the old test to the new test.  I also used this site (http://www.techexams.net/co_securityplus.shtml).  I'm sure there are better books out there, but these worked well enough (obviously).  If you're anything like me and have trouble bringing yourself to study the boring parts, I suggest scheduling your test soon.  I scheduled mine a month out, and the time restraint forced me to study the boring stuff like fire extiguishers and hot/warm/cold sites.

The test had 100 questions and a 90 minute time limit.  Which is a lot more time then I think is necessary.  There were only a couple questions that I had to debate about the right answer, most of them were either you know it or you don't.   Which makes for a quick test.  It took me 25 minutes.

As for the MCSA/E stuff, I've got the Course Technology books for XP and the 290/291.  I'm thinking those plus some google-fu should be more than enough.

That review guide was one of the books I was looking at. I was looking at the deluxe study guide and another book that makes up the study pack (With the regular study guide). I checked my local library and they have very few books on the subject (read none on sec+).

As for scheduling the test for a month out and forcing the study, that didn't work with my CCNA the last time I took it. I kept pushing it out. Didn't study well either, and never had anything hands on (it had been 4 years since I touched a switch or router at the time). I even had a job depending on me getting my CCNA and still managed to fail because I didn't take my study seriously.

When I'm serious about studying, I can do even the boring parts, just takes forever to read.

I always appreciate to read about study materials which were used to study and helped in order to pass. Especially as I would like to go for S+ as well as soon as I got my CEH.

you rock mike... grats =)

I see  a lot of references to Microsoft, is the Sec+ you are referring to the same as the Comptia Security+?

If so, how would you compare it to the CEHv6?

My intention was to take the CEHv6 and then shortly after take Security+ while everything from the prior was still fresh in my mind.  Do you think this tactic would work, or are there a lot of differences?

When writing Sec+ or S+ we mean Security+ by CompTIA, yes.

I would recommend to go the other way round, first Security+ and then CEH.

Ok thanks for clearing up the terminology.  What about my main question?

Well, Security+ is a cert which covers mostly basics. Although CEH is said to be an entry cert as well, I would say it is more advanced than S+ and therefore I would recommend first S+ and thenafter CEH.

Which topics on each cert will be covered can be read on their websites. Shortly said, S+ covers many fundamentals and concepts and CEH is very tool-based.

Entry level cert??  Wow I hope it's not dismissed that easily by employers, I was really counting on this being respected at least a little bit.

What would you say is more advanced than CEH then?

Also in your opinion, if I were to take the CEH official training course, but not a Sec+ course, would I stand a chance at passing Sec+?

Sec+ and CEH cover slightly different concepts.  Both of these certs are fairly respected by employers, though I doubt they will be enough to land you a job.  I would concentrate on picking up knowledge and experience and then go for certifications.   

I won't be relying on CEH certification alone to get a job, although for the next few years it's all I will have.  I'm 20 and have several more years of college left before I can say I have a degree in anything, so I would hope that showing the employer that I've got CEH would be a temporary fix.

Kind of on the same note as ketchup... Don't focus on the cert itself, focus on learning.  The cert is just a slight bonus.  If you don't have any work experience in the field, it doesn't matter what certs you have, they're still gonna stick you in an entry level position (or close to it).  So instead of getting extra paper, get the knowledge to prove yourself once you get that position.

I'm not saying don't get any certs, cause they can help you get through the door.  But make absolutely sure you know what to do when you get there.  If you search around the forums, there are plenty of stories about "paper tigers".  People who have a ton of certs, yet still don't know what they're doing.  Nobody wants to be on of those guys.

All in all, study for the cert that you will learn most from.  Since you're still in school, I would look to take advantage of an internship.  It's a great way to get work experience.  On top of that, there's always a decent chance to get hired at the end of the internship.

No no that's far from what I want.  That is why I chose to actually take the official EC-Council training path rather than just do the test and get the paper.

On the sec+ side, if it is something very different I would do training as well, but I was just wondering if maybe the CEH would encompass everything that the sec+ covers, and I could go pick up an extra cert off the knowledge I gained from my EC Council training.  After all, the training isn't cheap, so two certs would help make it worth the cost.

I am trying to get an internship somewhere, but I'm doing college through online correspondence and they seem like they only have internships in the state the school is in.  Any suggestions for finding internships?

I would say that Sec+ is a perfect candidate for self-study.   I would also say that it's a closer stepping stone to CISSP and not CEH.   If you have time, pick up a few books and go for it.   It covers a fairly broad range of concepts that will help you down the road.

Closer to CISSP than CEH?  Is the CISSP not as hard as I have heard it is then?  I was told it was 10x harder than CEH, but I never really looked into it because of their 5 year experience requirement.

Sorry, I meant in terms of what the covered concepts and not degree of difficulty (which is relative).  CISSP covers a wide area of conceptual knowledge and requires quite a bit of experience.  CEH deals primarily with ethical hacking, pen testing, and vulnerability assessment concepts.   Security+ also covers a fairly wide range of conceptual topics, although not as wide as CISSP.   

I wouldn't worry about degree of difficulty so much.  It's all relative and you have to start somewhere. 

Sounds great thanks for the info!

Job314,
I didn't mean something bad with entry level certs or wanted to lower their value - I will start soon myself with CEH as I think it is worth the efforts.

As already stated, CEH and S+ cover some different areas, so I don't think that a CEH course would teach you enough to pass both exams without extra study materials. Especially for S+ you should be able to find some books and online resources, which should help with self-studying and actually getting the S+ cert.